Hi,
On Fri, 30 Mar 2001, Simon Bryan wrote:
> Could this be the source of non-authenticated entries in my logs? The
> entries actually come from a wide range of addresses.
>
> http_access allow manager localhost
> http_access allow manager cachemanager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access deny !OLMC
> http_access allow manager !localhost
> http_access allow manager gatekeeper
> http_access deny manager
> http_access allow
> local_servers <------------------------------------------
> http_access deny !password
>
>
> where local_servers is:
> acl local_servers dstdomain olmc.nsw.edu.au 192.x.x.y revelation 192.x.x.z
> gatekeeper 192.x.x.w vortex
>
> These are either our domain, or other servers on our network. 192.x.x.z
> (gatekeeper) is our proxy server but it also runs our webserver. Also I did
> this a long time ago, should I have to list the machine name as well as the
> IP in local_servers or should the IP address be sufficient?
You don't say which destinations are being reached by non-authenticated
users. According to what's above, anyone can go to "localservers" without
authentication. Without knowing all the acls it is difficult to know
exactly where the system is falling down. I have a sneaking suspicion
"deny !OLMC" might be your culprit. I base that suspicion on OLMC being
the definition of your networks as a source.
Colin
Received on Thu Mar 29 2001 - 19:41:37 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:59:02 MST